Changelog: VPN Null Encryption Support, SM Overview, & Wireless MVs

Changelog: VPN Null Encryption Support, SM Overview, & Wireless MVs

Too many updates to share, but since many of you asked about the absence in changelog announcements, I thought I’d check in and share a few lesser-known additions that dropped recently.

Non-Meraki IPsec Null Encryption Support

First up, null encryption support for IPSec tunnels on the Meraki MX security appliance was recently added. This is useful for designs that require standards-based IPSec VPN connectivity to third-parties where integrity (origin authentication) is required, but confidentiality (encryption) is not.

I’ve seen this used in a few different scenarios. Either upper layer protocols are already providing cryptographic protections (like HTTPS) or the traffic isn’t particularly sensitive and the third-party offers a lower cost service when null encryption is used. Either way, useful to have available.

Null encryption is configured under Security Appliance > Site-to-site VPN > Organization-wide settings > Non-Meraki VPN peers. Then select IPsec policies > Phase 2 > NULL.

Meraki MX VPN null encryption configuration

New Systems Manager Overview Page

Better look; more useful aggregated detail. The new SM Overview page provides a summary of realtime managed MDM device health.

The new rollup starts with a quick snapshot of enrollment information, check-in status, and profile/sync status. Security policy violation counts and OS platform details are also shown.

Meraki Systems Manager overview page top

The entire view is clickable to drill down into each of the component’s respective elements.

Meraki Systems Manager overview page bottom

Deploy MV12 Wirelessly

Wireless radio support for the new MV12 security camera platforms is now officially out of beta and available on all Meraki MV networks.

Wireless can dramatically reduce the costs of video surveillance deployments that require retrofitting from older coax solutions. Aging coax cabling drops to existing cameras almost always are accompanied by low-voltage, 12/24V power wires. The ability to use wireless for the MV video transport and the new Meraki MV low voltage power injector for the PoE conversion eliminates the need for new Cat5/6 data cabling to be rerun to each IP camera.

Historically, wireless IP camera solutions were rare due to the inherent risk of video loss due to uncontrollable RF interference sources and the lossier nature of wifi. That’s not an issue with Meraki’s MV however as the video is recorded and stored locally on each camera. Intermittent wifi drops or throughput issues don’t affect the source video.

To enable and configure wireless on MV networks, navigate to Cameras > Monitor > Cameras and select the MV12 cameras you’d like to create a wireless profile for.

Select Edit Wireless Settings.

Meraki MV edit wireless settings selection

From the wireless profile window, select Add or Edit a wireless profile.

Meraki MV wireless profile creation

Once you update the SSID information and click submit, you will need to add a second SSID as a backup. Remember, “Two is one. One is none.”

Meraki MV wireless profile review

Meraki MV wireless profile confirmation

Wireless may be the most recent addition to the MV12 camera platforms, but if you haven’t explored the live people counting aggregation analytics that went live a few months back then check it out. Really, really interesting work going on behind the scenes with the Snapdragon processor’s compute budget.

The Changelog series is an opportunity for to highlight the constant, behind-the-scenes updates to the Meraki cloud Dashboard that many operators aren’t aware of. Part of what makes the Cisco Meraki platform so compelling is the pace at which the Engineering and UI teams continue to iterate and improve the management experience. Featuring updates gives the community better insight into the elements being delivered. And, new is fun.